如何只允许从特定页面访问URL

时间:2019-03-16 11:41:58

标签: django

我希望用户仅在items_buy()函数完成后才能访问付款页面。

  

views.py

  def items_buy(request):
    if not request.user.is_authenticated:
        messages.info(request, 'You have to logged in first.')
        return redirect('%s?next=%s' % (settings.LOGIN_URL, request.path))
    sess = request.session.get("data", {"items": []})
    if request.method == "POST":
        form = BuyerDeliveryForm(request.POST)
        if form.is_valid():
            buyer = form.save(commit=False)
            buyer.save()
            buyer.product.set(Product.objects.filter(active=True, slug__in=sess["items"]))
            return redirect('shop:payment')
    else:
        form = BuyerDeliveryForm()
    return render(request, 'shop/delivery_form.html', {'form': form})


def payment(request):
    return render(request,'shop/payment.html')

1 个答案:

答案 0 :(得分:1)

您可以在这里使用已经用于收集产品的会话:

sess = request.session.get("data", {"items": []})

因此,在重定向用户之前,只需在其会话存储区中设置一个标志,使他们可以访问“付款”路线。

buyer.product.set(Product.objects.filter(active=True, slug__in=sess["items"]))
request.session['allow_payments'] = True
return redirect('shop:payment')

然后在“付款”中检查标志

def payment(request):
    if not request.session.get('allow_payments'):
        return redirect(...somewhere...)

    return render(request,'shop/payment.html')